Total
10526 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5751 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.2 HIGH | N/A |
| Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. | |||||
| CVE-2006-5619 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. | |||||
| CVE-2006-5174 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. | |||||
| CVE-2006-3634 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash). | |||||
| CVE-2006-4538 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries. | |||||
| CVE-2006-6535 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 9.4 HIGH | N/A |
| The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead to data corruption and "node lockups." NOTE: it is not clear whether this issue is exploitable. | |||||
| CVE-2006-7203 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.0 MEDIUM | N/A |
| The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). | |||||
| CVE-2006-6333 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset. | |||||
| CVE-2006-0036 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation. | |||||
| CVE-2006-0554 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 1.7 LOW | N/A |
| Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. | |||||
| CVE-2006-1860 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack. | |||||
| CVE-2005-4635 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 5.0 MEDIUM | N/A |
| The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. | |||||
| CVE-2006-2451 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.6 MEDIUM | N/A |
| The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. | |||||
| CVE-2006-2445 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.0 MEDIUM | N/A |
| Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. | |||||
| CVE-2006-0558 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. | |||||
| CVE-2006-0037 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used. | |||||
| CVE-2006-1859 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak." | |||||
| CVE-2006-1055 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. | |||||
| CVE-2006-1342 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. | |||||
| CVE-2006-0557 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors. | |||||